public async Task <IActionResult> Login(LoginViewModel loginViewModel)
{
if (!ModelState.IsValid)
{
return(View(loginViewModel));
}
// Go to change password page if password = null
//var user = await _accountService.SignInAsync(loginViewModel.UserName);
var account = await _authenService.SignInAsync(loginViewModel.UserName);
if (account == null)
{
ModelState.AddModelError("Error", "User name or password is not valid.");
return(View(loginViewModel));
}
// Check password
var isCorrect = _authenService.VerifyPassword(loginViewModel.Password, account.PasswordHash, account.PasswordSalt);
if (isCorrect == false)
{
ModelState.AddModelError("Error", "Password is not valid.");
return(View(loginViewModel));
}
// Get user role
var roleName = await _authenService.GetRoleAsync(account.AccountId);
if (roleName == null)
{
ModelState.AddModelError("Error", "Authentication failed.");
return(View(loginViewModel));
}
// Add cookie authentication
var claims = new List <Claim>
{
new Claim(ClaimTypes.Name, account.UserName),
new Claim("FullName", account.UserName),
new Claim(ClaimTypes.Role, roleName),
};
var claimsIdentity = new ClaimsIdentity(
claims, CookieAuthenticationDefaults.AuthenticationScheme);
await HttpContext.SignInAsync(
CookieAuthenticationDefaults.AuthenticationScheme,
new ClaimsPrincipal(claimsIdentity),
new AuthenticationProperties
{
ExpiresUtc = DateTime.UtcNow.AddMinutes(20),
IsPersistent = false,
AllowRefresh = false
});
return(RedirectToAction("Index", "Dashboard"));
}